What are vendor affirmed algorithms in FIPS 140-2

Question

FIPS 140-2 allows FIPS approved algorithms to be either tested by CAVP or to be vendor affirmed. What does "vendor affirmed" imply here? Can I say my AES implementation as vendor affirmed and get it added to the FIPS certificate?

Answer 1

This is a bit of a guess, but on page 6 of the Derived Test Requirements for FIPS PUB 140-2, we have (emphasis mine):

Required Vendor Information

VE01.12.01: The vendor shall provide a validation certificate for all Approved cryptographic algorithms.

VE01.12.02: The vendor shall provide a list of all non-Approved security functions.

VE01.12.03: The vendor shall provide a list of all vendor affirmed security methods.

VE01.12.04: The vendor provided nonproprietary security policy shall include reference to all vendor affirmed security methods.

It sounds like, during a certification, they're breaking crypto implementations into 3 categories:

1. Approved cryptographic algorithms: implementations that have already been certified (that you use internally). These will be excluded from the review.
2. non-Approved security functions: if you really want to use MD5 or twofish, or some other non-FIPS crypto, you need to declare it. These will be excluded from the review.
3. vendor affirmed security methods: things that the vendor claims conform to the spec, but have not yet been verified by NIST. Presumably this is what you are submitting for testing.

---

So as for your question:

Can I say my AES implementation as vendor affirmed and get it added to the FIPS certificate?

Of course! You are perfectly welcome to run your AES implementation through the CAVP and get it FIPS certified (if it passes, of course)